CVE-2017-16524

Published: 06/11/2017 Updated: 29/11/2017
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 655
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Vulnerability Summary

Web Viewer 1.0.0.193 on Samsung SRN-1670D devices suffers from an unrestricted file upload vulnerability: 'network_ssl_upload.php' allows remote authenticated malicious users to upload and execute arbitrary PHP code via a filename with a .php extension, which is then accessed via a direct request to the file in the upload/ directory. To authenticate for this attack, one can obtain web-interface credentials in cleartext by leveraging the existing local file read vulnerability referenced as CVE-2015-8279, which allows remote malicious users to read the web-interface credentials via a request for the cslog_export.php?path=/root/php_modules/lighttpd/sbin/userpw URI.

Vulnerable Product

hanwhasecurity web_viewer 1.0.0.193

Exploits

# Exploit Title: Unrestricted file upload vulnerability - Web Viewer 1.0.0.193 on Samsung SRN-1670D
# Date: 2017-06-19
# Exploit Author: Omar MEZRAG - 0xFFFFFF / www.realistic-security.com
# Vendor Homepage: www.hanwhasecurity.com
# Version: Web Viewer 1.0.0.193 on Samsung SRN-1670D
# Tested on: Web Viewer 1.0.0.193
# CVE : CVE-2017-16524
...

Web Viewer version 1.0.0.193 on Samsung SRN-1670D suffers from an unrestricted file upload vulnerability ...

This Metasploit module exploits an unrestricted file upload vulnerability in Web Viewer 1.0.0.193 on Samsung SRN-1670D devices. The network_ssl_upload.php file allows remote authenticated attackers to upload and execute arbitrary PHP code via a filename with a .php extension, which is then accessed via a direct request to the file in the upload/ di ...

Github Repositories

Unrestricted file upload vulnerability - Web Viewer 1.0.0.193 on Samsung SRN-1670D

CVE-2017-16524
Discovered by: Omar Mezrag - 0xFFFFFF
Affected Product: Samsung Network Video Recorders - Web Viewer 1.0.0.193 on Samsung SRN-1670D
Vendor of Product: Hanwha / Samsung Security - www.hanwhasecurity.com/
Vulnerability type: Unrestricted file upload vulnerability
Attack Vector: AccessVector (AV): Network; User Interaction (UI): None; Authentication (Au): Requires